← Back

CVE-2012-3696

nvd nist
Published: Jul 25, 2012Modified: Apr 29, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

CRLF injection vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP request splitting attacks via a crafted web site that leverages improper WebSockets URI handling.

Affected (102)

Products: Apple: Safari
Apple
1 product
Safari
Configuration A
102 vulnerable
Vulnerable SoftwareAffected Versions
Apple
Safari
Up to 5.1.7
Safari
Version 1.0.0
Safari
Version 1.0.0b1
Safari
Version 1.0.0b2
Safari
Version 1.0.1
Safari
Version 1.0.2
Safari
Version 1.0.3
Safari
Version 1.0.3 85.8.1
Safari
Version 1.0.3 85.8
Safari
Version 1.0
Safari
Version 1.0 beta2
Safari
Version 1.0 beta
Safari
Version 1.0b1
Safari
Version 1.1.0
Safari
Version 1.1.1
Safari
Version 1.1
Safari
Version 1.2.0
Safari
Version 1.2.1
Safari
Version 1.2.2
Safari
Version 1.2.3
Safari
Version 1.2.4
Safari
Version 1.2.5
Safari
Version 1.2
Safari
Version 1.3.0
Safari
Version 1.3.1
Safari
Version 1.3.2
Safari
Version 1.3.2 312.5
Safari
Version 1.3.2 312.6
Safari
Version 1.3
Safari
Version 2.0.0
Safari
Version 2.0.1
Safari
Version 2.0.2
Safari
Version 2.0.3
Safari
Version 2.0.3 417.8
Safari
Version 2.0.3 417.9.2
Safari
Version 2.0.3 417.9.3
Safari
Version 2.0.3 417.9
Safari
Version 2.0.4
Safari
Version 2.0.4
Safari
Version 2.0
Safari
Version 2
Safari
Version 3.0.0
Safari
Version 3.0.0
Safari
Version 3.0.0b
Safari
Version 3.0.0b
Safari
Version 3.0.1
Safari
Version 3.0.1
Safari
Version 3.0.1 beta
Safari
Version 3.0.1b
Safari
Version 3.0.1b
Safari
Version 3.0.2
Safari
Version 3.0.2
Safari
Version 3.0.2b
Safari
Version 3.0.2b
Safari
Version 3.0.3
Safari
Version 3.0.3
Safari
Version 3.0.3b
Safari
Version 3.0.3b
Safari
Version 3.0.4
Safari
Version 3.0.4
Safari
Version 3.0.4b
Safari
Version 3.0.4b
Safari
Version 3.0
Safari
Version 3.1.0
Safari
Version 3.1.0
Safari
Version 3.1.0b
Safari
Version 3.1.0b
Safari
Version 3.1.1
Safari
Version 3.1.1b
Safari
Version 3.1.2
Safari
Version 3.1.2b
Safari
Version 3.2.0
Safari
Version 3.2.0b
Safari
Version 3.2.1
Safari
Version 3.2.1b
Safari
Version 3.2.2
Safari
Version 3.2.2b
Safari
Version 3
Safari
Version 4.0.0b
Safari
Version 4.0.1
Safari
Version 4.0.2
Safari
Version 4.0.3
Safari
Version 4.0.4
Safari
Version 4.0.5
Safari
Version 4.0
Safari
Version 4.0 beta
Safari
Version 4.1.1
Safari
Version 4.1.2
Safari
Version 4.1
Safari
Version 5.0.1
Safari
Version 5.0.2
Safari
Version 5.0.4
Safari
Version 5.0.5
Safari
Version 5.0.6
Safari
Version 5.0
Safari
Version 5.1.1
Safari
Version 5.1.2
Safari
Version 5.1.3
Safari
Version 5.1.4
Safari
Version 5.1.5
Safari
Version 5.1.6
Safari
Version 5.1

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Source: product-security@apple.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.